Certified Authorization Professional (CAP®)

Prepare to be an expert in risk assessment and security authorization

Course Code : 2513

$2995

Overview

A Certified Authorization Professional (CAP®) is an information security practitioner who advocates for security risk management in pursuit of information system authorization to support an organization’s mission and operations in line with the legal and regulatory requirements.

This course covers the broad spectrum of topics that are included in the CAP Common Body of Knowledge (CBK), and discusses all the seven domains that are tested in the certification examination for earning the CAP certification.

Schedule Classes

Looking for more sessions of this class?
isc2

Course Delivery

This course is available in the following formats:

Live Classroom
Duration: 5 days

Live Virtual Classroom
Duration: 5 days

What You'll learn

  • Understand risk management program processes
  • Understand regulatory and legal requirements
  • Define Information System (IS) and determine Categorization of the IS
  • Selection of Security Controls
  • Implement selected security controls
  • Prepare for and conduct Security Control Assessment
  • Prepare and review Security Assessment Report
  • Develop Plan of Action and Milestones (POAM)
  • Determine IS risks

Outline

  • Understand the foundation of an organization-wide information security risk management program
  • Understand risk management program processes
  • Understand regulatory and legal requirements
  • Define the Information System (IS)
  • Determine Categorization of the Information System (IS)
  • Identify and document baseline and inherited controls
  • Select and tailor security controls
  • Develop security control monitoring strategy
  • Review and approve Security Plan (SP)
  • Implement selected security controls
  • Document security control implementation
  • Prepare for Security Control Assessment (SCA)
  • Conduct Security Control Assessment (SCA)
  • Prepare Initial Security Assessment Report (SAR)
  • Review Interim Security Assessment Report (SAR) and perform Initial Remediation Actions
  • Develop Final Security Assessment Report (SAR) and optional addendum
  • Develop Plan of Action and Milestones (POAM)
  • Assemble Security Authorization Package
  • Determine Information System (IS) risk
  • Make Security Authorization decisions
  • Determine Security Impact of Changes to Information Systems (IS) and environment
  • Perform Ongoing Security Control Assessments (SCA)
  • Conduct Ongoing Remediation Actions
  • Update documentation
  • Perform periodic security status reporting
  • Perform Ongoing Information System (IS) Risk Acceptance
  • Decommission Information System (IS)
View More

Prerequisites

There are no mandatory prerequisites for this course, however, completing the Foundations of Agile course prior to taking up this course would be beneficial.

Who Should Attend

The course is highly recommended for –

  • US Federal government professionals, especially those in US Department of State or Department of Defense
  • Military professionals
  • Civilian roles, such as, federal contractors
  • Local governments
  • Private sector organizations

Interested in this course? Let’s connect!

Certification

This course helps participants prepare for the certification examination for earning the CAP® certification. The details of the examination are as follows –

Duration of the examination3 hours
Number of questions125
Format of the questionsMultiple-choice questions
Passing grade700 out of 1000 points
Exam availabilityEnglish

 

The examination evaluates the participant’s expertise in seven specific domains. The weightage of these domains in the examination is as below –

DomainWeightage
Information security risk management program15%
Categorization of Information Systems (IS)13%
Selection of Security Controls13%
Implementation of Security Controls15%
Assessment of Security Controls14%
Authorization of Information Systems14%
Continuous monitoring16%

Customer Reviews

Name
Email
Rating
Comments

No reviews yet